79743 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: Fixed NULL dereference in asocqcomlpasscpuplatformprobe The devmkzalloc function in asocqcomlpasscpuplatformprobe might potentially return a NULL pointer. A NULL pointer dereference could occur without any addition...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ovl: fixed null pointer dereference in ovlgetaclrcu The following processes are involved: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlget inodeacl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 channel pointer handling The pointer returned by ad4851parseChannelscommon is incremented internally as each channel is populated. In ad4858ParseChannels, the same pointer was further incremented whil...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Do not map lowcore with identity mapping. Since identity mapping is fixed at address zero, lowcore is always mapped to address zero as well. This occurs regardless of the relocatelowcore command-line option. If the optio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915: The issue of NULL pointer dereferencing was addressed by checking newcrtcstate. intelatomicgetnewcrtcstate may return NULL, unless the crtc state was previously obtained using intelatomicgetcrtcstate. Therefore, we must...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle the failure of netdevallocskbip-align. If the allocation fails, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch attempts t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: vxlan: Prevent NULL dereferencing in vxlanxmitone. Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, especially if the iface is disabled. This can lead to the following NULL dereferences: -...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fixed a possible null pointer dereferencing issue. In malidpmwconnectorreset, new memory is allocated using kzalloc, but no checks are performed. To prevent null pointer dereferencing, ensure that mwstate is check...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a possible NULL pointer dereferencing in sndusbpcmhasfixedrate. The argument of the subs function may be NULL; therefore, do not use it before a NULL check...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: RFCOMM: Avoid leaving a dangling sk pointer in rfcommsockalloc. The btsockalloc function attaches the allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for ‘stream’ and ‘plane’ were added before dereferencing them. This commit adds null checks for the ‘stream’ and ‘plane’ variables in the dcn30applyidlepoweroptimizations function. These variables wer...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Firmware: mesonsm: A fix was made to avoid potential NULL pointer dereferencing. The ofmatchdevice function may fail and return a NULL pointer. This issue was addressed by checking the return value of ofmatchdevice...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: Unregistering pllpost only if registered correctly If the registration of pllpost fails, it will be set to NULL or ERR. Unregistering pllpost will also fail, with the following call trace: “Unable to handle kern...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfsd: Do not replace a page in the rqpages array if it is a continuation of the last page. The splice function calls nfsdspliceactor to place the pages containing file data into the svcrqst-rqpages array. However, it is possible...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: iouring: Fixed a null-ptr-deref in iotctxexitcb. Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at address 0000000000000138 by task file1/1955 CPU: 1 PID: 195...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: tty: fixed a possible nullptrdefer issue in spkttyiorelease. Run the following tests on the qemu platform: syzkaller: modprobe speakupaudptr input: Speakup as /devices/virtual/input/input4 initialized device: /dev/synth, node...
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel through version 5.10.1, as used with Xen up to version 4.14.x. The Linux kernel’s PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when the thread is stopped. However, the handler may not have enough time to execute if the...
Astra Linux - уязвимость в freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - ice: xsk: disabling TXQ interrupts before flushing hardware settings. - iceqpdis attempts to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps involved disabling interrupts on these queues...